~xibo-maintainers/xibo/tempel


Viewing changes to lib/Controller/Applications.php

  • Committer: Dan Garner
  • Date: 2015-09-30 19:03:16 UTC
  • mto: (454.2.11) (471.2.2)
  • mto: This revision was merged to the branch mainline in revision 468.
  • Revision ID: git-v1:ed4f3a7dea2f9625c677bdcae08c6b070f61945d
Added the client_credentials grant to the API and improved the applications user interface.
Will need to supply a way to allow/deny the two grant types at the client level.

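--- a/lib/Controller/Applications.php
+++ b/lib/Controller/Applications.php
@@ -23,7 +23,8 @@
 use League\OAuth2\Server\AuthorizationServer;
 use League\OAuth2\Server\Grant\AuthCodeGrant;
 use League\OAuth2\Server\Util\RedirectUri;
-use League\OAuth2\Server\Util\SecureKey;
+use Xibo\Entity\Application;
+use Xibo\Exception\AccessDeniedException;
 use Xibo\Factory\ApplicationFactory;
 use Xibo\Helper\Help;
 use Xibo\Helper\Log;
@@ -33,7 +34,6 @@
 use Xibo\Storage\ApiClientStorage;
 use Xibo\Storage\ApiScopeStorage;
 use Xibo\Storage\ApiSessionStorage;
-use Xibo\Storage\PDOConnect;
 
 
 class Applications extends Base
@@ -52,7 +52,32 @@
     public function grid()
     {
         $this->getState()->template = 'grid';
-        $this->getState()->setData(ApplicationFactory::query($this->gridRenderSort(), $this->gridRenderFilter()));
+
+        $applications = ApplicationFactory::query($this->gridRenderSort(), $this->gridRenderFilter());
+
+        foreach ($applications as $application) {
+            /* @var Application $application */
+            if ($this->isApi())
+                return;
+
+            // Include the buttons property
+            $application->includeProperty('buttons');
+
+            // Add an Edit button (edit form also exposes the secret - not possible to get through the API)
+            $application->buttons = [];
+
+            if ($application->userId == $this->getUser()->userId || $this->getUser()->getUserTypeId() == 1) {
+
+                // Edit
+                $application->buttons[] = array(
+                    'id' => 'application_edit_button',
+                    'url' => $this->urlFor('application.edit.form', array('id' => $application->key)),
+                    'text' => __('Edit')
+                );
+            }
+        }
+
+        $this->getState()->setData($applications);
         $this->getState()->recordsTotal = ApplicationFactory::countLast();
     }
 
@@ -126,37 +151,60 @@
         ]);
     }
 
+    public function editForm($clientId)
+    {
+        // Get the client
+        $client = ApplicationFactory::getById($clientId);
+
+        if ($client->userId != $this->getUser()->userId && $this->getUser()->getUserTypeId() != 1)
+            throw new AccessDeniedException();
+
+        // Render the view
+        $this->getState()->template = 'applications-form-edit';
+        $this->getState()->setData([
+            'client' => $client,
+            'help' => Help::Link('Services', 'Register')
+        ]);
+    }
+
     /**
      * Register a new application with OAuth
      */
     public function add()
     {
-        // Make and ID/Secret
-        $id = SecureKey::generate();
-        $secret = SecureKey::generate(254);
-
-        // Simple Insert for now
-        PDOConnect::insert('
-            INSERT INTO `oauth_clients` (`id`, `secret`, `name`)
-              VALUES (:id, :secret, :name)
-        ', [
-            'id' => $id,
-            'secret' => $secret,
-            'name' => Sanitize::getString('name')
-        ]);
-
-        // Update the URI
-        PDOConnect::insert('INSERT INTO `oauth_client_redirect_uris` (client_id, redirect_uri) VALUES (:clientId, :redirectUri)', [
-            'clientId' => $id,
-            'redirectUri' => Sanitize::getString('redirectUri')
-        ]);
-
-        // Return
-        $this->getState()->hydrate([
-            'message' => sprintf(__('Added %s'), Sanitize::getString('name')),
-            'id' => $id
+        $application = ApplicationFactory::create();
+        $application->name = Sanitize::getString('name');
+        $application->save();
+
+        // Return
+        $this->getState()->hydrate([
+            'message' => sprintf(__('Added %s'), $application->name),
+            'data' => $application,
+            'id' => $application->key
+        ]);
+    }
+
+    public function edit($clientId)
+    {
+        // Get the client
+        $client = ApplicationFactory::getById($clientId);
+
+        if ($client->userId != $this->getUser()->userId && $this->getUser()->getUserTypeId() != 1)
+            throw new AccessDeniedException();
+
+        $client->name = Sanitize::getString('name');
+
+        if (Sanitize::getCheckbox('resetKeys') == 1) {
+            $client->resetKeys();
+        }
+
+        $client->save();
+
+        // Return
+        $this->getState()->hydrate([
+            'message' => sprintf(__('Added %s'), $client->name),
+            'data' => $client,
+            'id' => $client->key
         ]);
     }
 }
-
-?>
\ No newline at end of file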
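Review bot: In `grid()` the `if ($this->isApi()) return;` sits inside the `foreach`, so an API request that finds at least one application returns before `setData($applications)` and `recordsTotal` are set, while an empty result falls through; use `if ($this->isApi()) break;` or wrap the loop in `if (!$this->isApi()) { ... }`. In `edit()` the success message is still `__('Added %s')` and should read `__('Edited %s')`. `add()` and `edit()` hydrate `'data' => $application` and `'data' => $client`; if the entity serializes its secret (the Application class is not visible here), that would contradict the comment in `grid()` that the secret cannot be obtained through the API, so confirm the secret is excluded from those responses. The owner-or-admin test is written three times with loose `==`/`!=` against the literal `1`; one shared helper using strict comparison would keep the three checks from drifting apart.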